MantisBT: master 5ea4f8ff

Diff Back to Repository
Author Committer Branch Timestamp Parent
vboctor vboctor master 2013-10-17 21:20 master 481f604c
Affected Issues  0014486: Secure session login is false security while changing password does not require old password
Changeset

Fixes 0014486: Secure session login is false security while changing password does not require old password

  • Require current password to change it.
  • Require re-auth (similar to admin page) when accessing account page so that email can't be changed without a recent login.
mod - account_page.php Diff File
mod - account_update.php Diff File
mod - core/constant_inc.php Diff File
mod - lang/strings_english.txt Diff File